Category Archives: zA High-Tech Blech!

Computers got you down? Microwave wristwatch talking back again? Survival solutions abound.

An IT professional in confessional.

VPN to a Remote Server without Abandoning Your Local Network

This article is specifically about creating a VPN from an Ubuntu client (with openvpn) to a Windows Server 2003 network.  You ought be able to make adjustments from what I present to make this useful in a number of related situations.

I did this work between an Ubuntu 8.10 machine and a client network where SBS 2003 was the only server present (behind a firewall).  I leave it up to you to set up the machines/firewalls as appropriate.  What I will show here is how to ensure that you are able to connect to the remote server using RDP while still being able to attach to local network resources and the Internet.

I work as an IT professional and need to be able to do this for professional reasons, for instance I need to be able to ensure a solid instant messaging connection while I sign into and out of client VPN’s and client servers.  This does represent a security risk to both your local network and to your client networks (as each network becomes reliant upon the assumption that the other network firewall and viral protection will succeed—and we all know what it means to assume).

In short, don’t come crying to me when you hose a network because I offered you these instructions.  Unless you believe I will see the comedic value present therein.

You’ll have to install openvpn on your Ubuntu machine.  This you will find natively in Synaptic.  I’ll hold…

Ok, now create your VPN connection:

  • Open Network Configuration (System —> Preferences —> Network Configuration).
  • Click the Add button and choose Point-to-Point Tunneling Protocol (PPTP) from the drop down menu on the dialog which follows (and then click the Create button)
  • Put your remote server address in the Gateway: field (such as; enter your User name: for that remote network; and include the NT Domain: (you needn’t include the .whatever)
  • Click the Advanced button and ensure the Use Point-to-Point encryption (MPPE) is checked—the other defaults should be fine
  • On the IPv4 Settings tab click the Routes… button—you will create your routes using this dialog so remember how to return to it

You will add two routes—one for the local network and one for the remote network.  This is the tricky bit.

  • Close openvpn and connect to the remote network
  • Open a terminal and enter ifconfig
  • You will want your local Netmask (presumably listed with eth0 and called mask)
  • Click the Add button and create your first Route formatted as local.dns.server — Netmask.from.ifconfig — local.gateway.perhaps.router as numerical values (so maybe

Again from the ifconfig information, find your VPN IP address, presumably under ppp0 (we’ll call our remote network 192.168.2.x) and the Netmask associated therewith.  Go back into Network Configuration and return to Edit this VPN so we may add the second Route.

  • Click the Add button and create your second Route as remote.server.vpn.address — vpn.netmask.from.ifconfig — local.machine.ppp0.address (so maybe
  • Close out of Network Configuration and go ahead and close and reconnect to the VPN in question

You ought to be able to RDP into the remote server, RDP into your local server, run Skype, run Pidgin, surf the Internet locally, run Transmission, all without breaking your VPN connection.

I’ll admit this is a rather quick and dirty solution so I’m all for reviewing your alternatives.

Best of luck, you crazy aardvarks.


A Ripper of a Ripper, Grip

I’ve been mostly satisfied with Sound Juicer as a ripping device on my Ubuntu systems.  I think that for most users its interface is a perfect balance of elegance and simplicity.  I have been using it to encode FLAC files from my CD’s for some time now (see this post).  However, if you are really serious about lossless audio compression you may want to make this next step with me.

I have been recommended an application called Grip (a Gnome based ripping application).  It does have a lot of features where Sound Juicer might be considered lacking, but you’ve also got to be willing to take a bit more of a technical role in setting the application up.

As I said, I think Sound Juicer is good enough for most people in most circumstances.  Don’t feel like you have to run down this path to get good results.  This article, this application, is for those of you who would like to take your anal retentiveness ripping to the next level.  Grip seems to have both a higher compression capacity (smaller files) and better error correction (very fault-intolerant).  But you should make your own decision about whether it is necessary for you.

You can download Grip through Synaptic:

System —> Administration —> Synaptic Package Manger

Mark it for installation and Apply that change.  Once Grip is installed it will be located in your programs:

Applications —> Sound & Video —> Grip

At once you will notice that it has a lot more going for it than Sound Juicer in terms of its interface.  Many tabs with sub-tabs with a plethora of configuration options.  I will go over only those that you will require to prepare for ripping FLAC’s the way that I have mine set up.  You are on your own to explore further.

Choose the Config tab.  Under the CD sub-tab you will have to ensure that your CD device is shown under “CDRom Device:”  The default will be “/dev/cdrom” but my CD drive was listed as cdrom3 under dev (so I had to change that line to “/dev/cdrom3“).  Open a Terminal and run the ls command under /dev to see what your CD drive is called.  (I also ensured that nothing auto-plays.)

Under the Rip sub-tab and under that’s Options sub-tab I unchecked all the auto settings (I don’t like seeing things done before I give the order).  (You shouldn’t need to make any changes under the Ripper sub-tab.)

Now we come to the Encode sub-tab.  Under the Encoder sub-tab select flac from the Encoder: drop-down.  Here are my settings for the four fields which follow:

  • Encode executable: /usr/bin/flac
  • Encode command-line: –best -V8 -o %m %w -T “ARTIST=%A” -T “TRACKNUMBER=%t” -T “ALBUM=%d” -T “TITLE=%n” -T “GENRE=%G” -T “DATE=%y”
  • Encode file extension: flac
  • Encode file format: ~/Music/%A/%d/%t – %n.%x

Sorry, that command-line text gets changed in the html rendering.  You will want to copy and paste this version (or change the — before best into two dashes):

–best -V8 -o %m %w -T “ARTIST=%a” -T “TRACKNUMBER=%t” -T “ALBUM=%d” -T “TITLE=%n” -T “GENRE=%G” -T “DATE=%y”[/CODE]

That first bit (executable) I think calls up the codec for encoding into FLAC.  The file extension is self-explanatory.  The other two I will tell you what I can.

The file format places your encoded files into your Music directory (~/Music) and creates a folder according to the Artist Name (%A) and then a sub-folder according to the Album Title (%d).  Within that album folder the tracks are named as track number (%t), dash, song title (%n), dot (.), and file extension or flac (%x).  That’s how I like mine.  Modify yours as you prefer.

The command-line bit does more than, strictly speaking, it needs to but this streamlines things so this is the way I have set mine up.  The –best tells it to encode FLAC’s at the highest compression possible (which means the slowest compression times).  I don’t know what -V, -o, %m, or %w do but it works and I haven’t seen a need to investigate it.  All the others (each preceded by a -T) creates a specific bit of tag data.  Again, feel free to modify it as you prefer.

I know this arrangement works.  Test your changes to ensure they also work.  Let me know if you discover something interesting or useful.

That tab was fun.  Let’s look at the ID3 sub-tab.  Since I am using the command-line information above to add my tag information I have checked Only tag files ending in ‘.mp3’ and so the remainder of this tab is uninteresting to me.  (Subject to change as I discover something new.)

Those are all the change I made.  Close and reopen Grip to set all of these configurations.

When you insert a CD none of the files will be selected under the Tracks tab.  If you click the Rip+Encode button (under the Rip tab) you will be asked if you want to encode the whole disc.  Alternatively you can select individual tracks for ripping.

Thanks to this page and this page for some of my information.

Happy ripping.


Converting .shn Files into .flac Files

The Shorten (.shn) audio format was an early attempt at compressed lossless audio.  It has all of the detriments of using waves and it really doesn’t compress very far (nor very fast).  However, out there on the Interweb you will still find Shorten audio files—particularly on live music exchange sites.  Since tagging is not available, the compression could use improvement, and Shorten files are not very well supported on any platform I have been converting my .shn files into .flac files (FLAC or Free Lossless Audio Codec).

(If you are not very familiar with FLAC’s you may want to check our my earlier post.)

Once converted everything is better off.  I am able to add proper tags to the FLAC files, they are compressed smaller than the original Shorten files, and the FLAC’s are widely supported on all platforms.

Widely supported?  On Ubuntu everything that plays audio likely plays FLAC files.  On Windows you can use Winamp or I am told there exists a plugin for WMP.  On the Mac there is a QuickTime plugin and iTunes can be induced to play them (see my post) or more easily there a few applications available (Cog, Play, Vox).  Of course VLC will handle them on any platform.

Making these conversions was a bit on the clunky side, but fortunately it only needs to be done once and then you can discard those naughty antiquated Shorten files.  Since both formats are lossless this should represent no change in audio quality as it represents no change in information.

There are four applications which I know will make the conversion from Shorten files to FLAC files: SoundConverter, SoundKonverter, Winamp, and PACPL.  SoundConverter is a Gnome based application (available through Synaptic).  SoundKonverter is a KDE based application (also available through Synaptic and functional within Gnome).  Winamp (I am not clear if these plugins are always included out of the box) will also make these conversions on Windows machines.  PACPL is a Perl application for the command line.  It looks wickedly powerful but I did not load it as I wanted to use what I could download through Synaptic.

I had a terrible time with SoundConverter.  It crashed during any file conversion.  Perhaps it didn’t like the file location (a secondary mounted drive).  Perhaps there was a quirk with these particular Shorten files.  Regardless, I was obligated to use the KDE application.

I did run into some troubles with SoundKonverter, but these were not show stoppers.  Once I figured out its controls (its GUI is a bit sloppy) I was able to convert files over without too much hassle.  I don’t like having to install all of the extra library support that comes from installing a KDE application into a Gnome environment, but so it goes.  It did the job and I was able to convert all this early Zep live material into my preferred audio format.

Like I said, I didn’t test PACPL but it does look like a powerful utility.  According to this post over at Ubuntu it can be connected with different GUI’s (the poster uses KDE but there may be ways to connect to Gnome GUI’s as well).  That post is really quite definitive if you are interested in using PACPL in Ubuntu (and perhaps useful if you are using another distribution)

Well, I hope some of you find this post useful.


Ubuntu Users Update to Opera 10

If you are not already using Synaptic to get your Opera updates, you will want to use my other post instead.  If you have already added the Opera repositories and key this is the post for you.

With the release of Opera 10 you will get an error when attempting to load your newest updates list.  This is because your old Opera key has expired.  Adding the new key is easy and you have a couple of choices on how to do so.

First you may import the key manually.

Go here and copy the entire block of code near the bottom of the page (including both lines with several dashes which represent the BEGIN and END statements for the key). Save this text into an empty file some place easy to find, like your desktop. To create an empty file on your desktop, merely right-click on the desktop and choose Create Document —> Empty File. Name it whatever makes it easy for you to find it and just paste those lines of text directly into the document. Save the file. (After you import the key you may delete this file.)

Let’s import that key.

Go back to Synaptic and navigate to Settings —> Repositories —> Authentication and click the “Import Key File…” button. Find the file you just saved with the key in it and click “OK” to import the key and then the “Close” button which follows.

Then just click the “Reload” button in Synaptic to refresh your list of packages.

Alternatively, you can add the key by entering one line of code into a terminal (Applications —> Accessories —> Terminal):

  • wget -O – | sudo apt-key add –

Once you have your updated key in place you can remove the old Opera and install Opera 10.  First find Opera in the list of packages.  You will note an entry for Opera 9.[something] and an entry for Opera 10.  By right-clicking on the box to the left of each, mark Opera 9 for removal and Opera 10 for installation (do not mark Opera 9 for complete removal or your settings will go away).  Click the “Apply” button and let Synaptic do its magic.

Please note that the first time you run Opera 10 it will load up and then appear to hang.  This might last ten or fifteen minutes.  Then it will come back to you.  It’s doing something behind the scenes apparently.  If you kill it before allowing it to finish whatever it’s doing, you’ll have to wait for it the next time (ie: the first time all over again).  After it completes this the first time you run it you can exit and reopen Opera and it will perform as expected.

How cool is that?


Opera 10 Hits the Ground Running

I have been running Opera 10 in beta on my test machines for a while now, but they have released the official and so I have updated all of my usual machines (Mac, Windows, and Ubuntu).  (Ubuntu users: please watch for my next post on updating to Opera 10 through Synaptic.)

It is very apparent that this new version is much faster (faster than fastest is faster still).  They have also added a handful of new features which regular users will find rather handy.

For instance, you can now run a spell checker through Opera on any page.  This saves me a step in making my blog posts.  I have been dumping my text into a Tomboy Note to check the spelling (Tomboy on Ubuntu auto-spell-checks), and then fixing the spelling errors as they appeared.  Now Opera puts a subtle red line under any word it does not recognize.  Right-clicks give suggestions and allow you to add words to your dictionary.  (I just added Ubuntu.)

Another interesting new feature is in the tab bar.  You can now expand the tab bar (by dragging down on a handle) and turn all of your tabs into thumbnail versions of the pages.  This is an advancement over the previous mouse-over tab feature which would spawn a thumbnail temporarily.

If you are using an older version of Opera it’s time to update.  If you are not using Opera, it’s time to kick of the training wheels and meet the Net head-on, full-throttle forward.

Here is their information page on Opera 10.  Or you can download it here.

Life just keeps getting better.


Returning Encryption to the Latest Ubuntu

Older versions of Ubuntu included a space for each user, encrypted by default and decrypted as that user logged in, under the home area within the folder hierarchy.  The most recent version of Ubuntu (9.04) does not include this feature out of the box.

I rather like this implementation.  Each user has a secure folder-space which is continually encrypted and protected from access by even other local users (though administrators would still have the power to access the user’s account by changing the password and then logging in as that user).  Its simplicity is where this shines.

Essentially, for those unfamiliar, under your Home directory there will be a folder called Private.  That folder and its contents are stored in an encrypted format (using a special file system) and are only decrypted as that user logs into the machine.  Simple and effective, I was rather surprised to see it removed from the latest release.

As fortune would have it this feature is very easy to re-implement for anyone using the newest release of Ubuntu.  It’s merely two lines of code into a terminal (Applications —> Accessories —> Terminal):

  • sudo aptitude install ecryptfs-utils
  • ecryptfs-setup-private

(Thanks to this page at Ubuntu for the information.)

Happy hunting.


AVG Outfoxed Firefox

I had been using AVG for some time, but I have been moving over to Avast! for several reasons.  AVG isn’t horrible.  It’s just that I think Avast! is currently doing a better job.  All of this aside I want to report a problem that came up recently in case this is useful to anyone still using AVG.

I was helping a user with a Vista machine which was running AVG for viral protection.  The user was not able to download or save files.  That’s not exactly true.  If I saved a Web page, the main file would not save though the folder with the associated images, js files, and so forth would be saved.  But the usual method of downloading an installer and saving that file to the desktop was a complete no-go.

Both Opera and Internet Explorer were able to save files as expected.  And yet Firefox failed silently.

In short, Firefox behaved as though it was downloading the file correctly.  But then the file wasn’t getting to the save location.

I disabled all plugins; I removed all toolbars; and I followed some interesting Mozilla hacks (here and here).  All to no avail.

Since Firefox acted as though it was performing the download and save correctly I thought it must be either the firewall or the virus protection.  Kill each and see which succeeds.

Needless to say, I found myself wanting to remove AVG.  So I gutted AVG using Revo Uninstaller and all was well.

I loaded Avast! onto his machine and now he’s as happy as a monk in October.



My Pidgin Ain’t Yodelling Today

Ah, the sounds of Spring…

Well, yeah, it’s the middle of summer but never mind that.  I have been having difficulties with my Yahoo connections.  I don’t use their bulky, rancid chat client.  No, I use a multi-protocol chat client.  My preferred client is Trillian but it doesn’t run perfectly on Wine (a Windows emulator I use in Ubuntu), so sometimes I bite the bullet and run Pidgin.

Pidgin is an open-source option for the multi-protocol chat clients.  Allow me to explain that for the uninitiated in the audience.  Pidgin is a program that allows one to interact within many chat venues—like Yahoo! and Windows Live and AIM—without having to run the proprietary software generously foisted on us by those behemoths.  (Pidgin also publishes its source code for all to enjoy.)

Of course those behemoths would prefer each of should use their chat client, adore the ads they place before us, and sacrifice our first borns on the alters of their corporate ledgers. But I digress.

These companies sometimes make changes to the manners in which their clients interact with their servers.  Standard operations for them.  Plays occasional havoc for the developers of applications like Trillian and Pidgin (and Adium).

Anyway, my Pidgin hasn’t been able to consistently connect to Yahoo for some time now.  After the usual research I found a couple of articles which finalized the problem (here and here).  Basically, Yahoo has changed its authentication method and Pidgin hasn’t caught up quite yet.

I went ahead and installed the beta version of Trillian Astra (their newest client, currently in beta) on my Ubuntu machine using Wine, but there are problems with the visual displays within those Trillian windows (specifically the contact list) which make it effectively unusable.

Hopefully the folks at Pidgin will be able to get this sorted out soon.  Alternatively, the folks at Wine might get the issues with Astra sorted out too.


Exchange Sends Error Code 12263

This has happened to me a couple of times; I reboot my server and attempt to connect Thunderbird (from my Ubuntu desktop) back to my Exchange mail server (on an SBS 2003 machine) and I get this message which ends in “error code -12263”.

Oh, what? You don’t know what 12263 is? Beats the fuck outta me.

A Google search yielded several problems which barely applied to my situation (most of them dealt with this error in relation to secure Web sites using https) and I found some information about a certificate problem (which actually dealt with Thunderbird).  None of the offered solutions did me any good.

However, this was all pretty good information for me.  I hopped over to my server and attempted to restart IMAP4:

  • Right-click on My Computer
  • Choose Manage from the context menu which appears
  • Find Services and Applications on the right
  • Click the + to expand Services and Applications
  • Locate Services below that and click on it
  • Right-click on Microsoft Exchange IMAP4
  • Choose Restart from that context menu

That failed for me too.  But IMAP is dependent upon IIS Admin Service (Internet Information Services):

  • Start –> Programs –> Administrative Tools –> Server Management
  • Expand Advanced Management
  • Expand Internet Information Services
  • Right-click on [YourServerName] (local computer)
  • Choose All Tasks –> Restart IIS… from the context menu

So, looks like it was useful information that other folks were experiencing problems with secure sites.

I then restarted IMAP4 again just to confirm it would restart.  After that I was able to connect to my various mail boxes from Thunderbird without issue.

Go figure.


How to Fix that Broken Admin

I just updated to WordPress 2.8 (from 2.7.1).  I manually downloaded the new version, deleted my old wp-includes folder (standard procedure), and copied the new folders and files into place.

Broke everything on the back end.  I was able to publicly view my site.  I was able to sign in to my blog.  But all of the admin areas were not responding (or rather I was getting errors).

I removed all of my plugins from the plugins folder and this returned the admin functionalities.  Next was the matter of determining which of my plugins were acting badly.

One at a time I copied my plugins back into my plugins folder.  I had one plugin that was breaking my admin areas (you may encounter others).  My Google analytics plugin would break my admin areas every time.

Fortunately I was able to find this useful solution.  Essentially, you go into the plugin files (in my case the file called sem-google-analytics-admin.php) and replace all instances of is_site_admin() with is_admin() (so remove _site from each one; I had two instances).

After making that change I was able to copy analytics over again and subsequently enable the plugin.

Happy hunting.